Filtering and searching alerts by source address

You can filter alerts and search the alerts table for specific alerts based on the Source criterion, which indicates the alert source address. For example, this can be the email address from which a malicious file was sent, or the IP address of the computer on your corporate LAN to which a malicious file was downloaded.

To filter or search alerts by source address:

1. Select the Alerts section in the window of the application web interface.

   This opens the table of alerts.

2. Click the Source link to open the filter configuration window.
3. In the drop-down list, select one of the following alert filtering operators:
   • Contain
   • Not contain
   • Matches
   • Not matches
4. In the entry field, specify one or several characters of the alert source address.
5. To add a filter condition using a different criterion, click and specify the filter condition.
6. Click Apply.

The table of alerts displays only alerts matching the filter criteria you have set.

See also Filtering, sorting, and searching alerts Filtering alerts by VIP status Filtering and searching alerts by time Filtering alerts by level of importance Filtering and searching alerts by categories of objects detected Filtering and searching alerts by obtained information Filtering and searching alerts by destination address Filtering and searching alerts by server name Filtering and searching alerts by technology name Filtering and searching alerts by the status of their processing by the user Sorting alerts in the table Quickly creating an alert filter Clearing an alert filter

Page top